Push single via Airwave

‎10-16-201406:46 AM

I want to enable blacklisting with failed auths on about 20 aruba controllers. Can I apply a single command via Airwave? We currently dont provision AP's or apply configurations via Airwave now. Running latest code on everything.

Re: Push single via Airwave

‎10-16-201407:18 AM

You *can* do this with Airwave but you have to make sure that all controllers in the Group share a similar config because once you move to manage mode in the Group, it will use one of the controller's configs as a config template to then sync to all other controllers in the same group. You can use overrides for the 20 controllers you wish to add the blacklist to.

Another thought...do you have Clearpass? If not you really should consider it :-). In there, we can write both the blacklisted clients and a policy to say if an auth comes in from X device group (20 controllers) AND the client Mac/user ID/device is part of the blacklist, then deny access or even redirect to a captive portal explaining what happened. See below example. We can write this blacklist based on a simple list or using more flexible regular expressions. We can also write the blacklist on other context variables like device types and usernames/AD groups.

Re: Push single via Airwave

‎10-16-201408:00 AM

Is there any documentation on creating a blacklist policy via Clearpass? Basically how we have it setup now.. a wireless client connecting to our employee SSID has 4 attempts to connect to the network.. with 4 failed attempts, the client will be blacklisted for 60 mins and then try again. We do this to avoid clients being locked out (via AD).. 5 failed password attempts will lock the client out and can only be unlocked by the helpdesk.. to elevate calls, the account will never be locked via the wireless.